84 SLCERT maintains a good rapport with government and private establishments, and extends assistance to the general public.

2 Activities Operations

2.1 Incident Handling Statistics

Incidents reported to SLCERT increased up to 69 in the year 2009. This is a major hike in the number of incidents reported compared to the 49 incidences reported in 2008. The following chart depicts the distribution of various types of incidents reported to SLCERT. All the incidents reported to SLCERT have been resolved satisfactorily. Distribution of Incidents Reported to SLCERT Phishing 14 Scam s 16 HateThreat Mail 12 Malw are 17 Defacem ents 22 Unauthorized Access 5 AbusePrivacy 14 The following graph depicts the increase in the number of incidents since the inception of SLCERT in mid-2006. 85

2.2 Computer Crime Statistics

Sri Lankan Government introduced a new act titled Computer Crimes Act in 2007 to curb electronic crimes in Sri Lanka. The following graph depicts the number of computer crime related offences reported to Sri Lankan law enforcement agencies in year 2009. 2.3 New services 2.3.1 Behavioral Analysis of Malware SLCERT started work on behavioral analysis of malware in the first quarter of year 2008 in order to provide better recovery procedures for affected constituents. In the year 2009 SLCERT received a number of malware samples from government institutions for analysis. SLCERT has now acquired lab equipment to analyses malware in standard environments.

2.3.2 Digital Forensics

The Computer Crimes Act of 2007 enabled the law enforcement officers to obtain the technical expertise of recognized information security professionals and organizations to extract and present digital evidence in court. Accordingly, SLCERT has assisted Sri Lankan law enforcement agencies in carrying out forensic investigations.

2.3.3 Penetration Testing

86 There were some major attacks on critical information systems in Sri Lanka during 2008. As a proactive measure SLCERT has been assigned the task of carrying out vulnerability assessments and penetration tests for some major information systems. SLCERT started this service during the fourth quarter of 2008.

3 Events organized co-organized

3.1 Training Education

SLCERT organizes training programs and education sessions targeting various audiences including CIOs, Engineers, System Administrators, Banking and telecom sector staff, Students, and general public. During the year 2009 SLCERT conducted the following training, education programs successfully: 1. Lecture on “Information Security” for MBA students 2. Conference on Information Security for CIO’s of Government Departments 3. Participated in a number of IT exhibitions by taking stalls with a view to educating the general public on IT Security

3.2 Consultancy

SLCERT provides consultancy services for requests, especially for government departments. During the year 2009, the following consultancy services were provided: 1. Network reviews for 6 government departments 2. Forensics investigation support for Law enforcement 3. Setting up a CA server for a government department 4. Initiated the implementation of a new computer forensics laboratory for Police Department

3.3 Seminars Workshops